charistmatwio.shop

Name: charistmatwio.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

ignoracndwko.shop

Name: ignoracndwko.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

grassemenwji.shop

Name: grassemenwji.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

stitchmiscpaew.shop

Name: stitchmiscpaew.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

preachstrwnwjw.shop

Name: preachstrwnwjw.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

commisionipwn.shop

Name: commisionipwn.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

complainnykso.shop

Name: complainnykso.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

exmptiondixv.shop

Name: exmptiondixv.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |

basedsymsotp.shop

Name: basedsymsotp.shop
TargetID: 0
From Memory: false
Source: config extractor

| Signature Hits | Behavior Group | Mitre Attack |
|---|---|---|
| Found malware configuration | AV Detection | |
| C2 URLs / IPs found in malware configuration | Networking | Application Layer Protocol |
| LummaC encrypted strings found | HIPS / PFW / Operating System Protection Evasion | Deobfuscate/Decode Files or Information |
| Sample uses string decryption to hide its real strings | AV Detection | |